NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343451	7.2	HIGH	microsoft	windows_2000 windows_2003_server windows_nt windows_xp	The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious p…	NVD-CWE-Other	CVE-2004-0208	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343452	10.0	HIGH	microsoft	windows_2000 windows_2003_server windows_xp	Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metaf…	NVD-CWE-Other	CVE-2004-0209	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343453	2.1	LOW	microsoft	windows_2003_server	The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.	NVD-CWE-Other	CVE-2004-0211	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343454	5.0	MEDIUM	avaya microsoft	ip600_media_servers outlook_express definity_one_media_server s8100 modular_messaging_message_storage_server	Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.	NVD-CWE-Other	CVE-2004-0215	2018-10-13 06:34	2004-08-6	Show	GitHub Exploit DB Packet Storm

343455	10.0	HIGH	microsoft	outlook_express	The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Inte…	NVD-CWE-Other	CVE-2004-0380	2018-10-13 06:34	2004-05-4	Show	GitHub Exploit DB Packet Storm

343456	7.5	HIGH	microsoft	windows_nt	The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper le…	NVD-CWE-Other	CVE-2004-0569	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343457	10.0	HIGH	microsoft	grpconv	Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not prop…	NVD-CWE-Other	CVE-2004-0572	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343458	10.0	HIGH	microsoft	windows_2003_server windows_xp	Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via…	NVD-CWE-Other	CVE-2004-0575	2018-10-13 06:34	2004-11-3	Show	GitHub Exploit DB Packet Storm

343459	10.0	HIGH	greg_roelofs microsoft	libpng msn_messenger windows_media_player windows_messenger windows_98se windows_me	Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS functio…	NVD-CWE-Other	CVE-2004-0597	2018-10-13 06:34	2004-11-23	Show	GitHub Exploit DB Packet Storm

343460	4.6	MEDIUM	microsoft	virtual_pc	VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCService…	NVD-CWE-Other	CVE-2004-0115	2018-10-13 06:33	2004-03-3	Show	GitHub Exploit DB Packet Storm

343461	5.0	MEDIUM	microsoft	windows_2000 windows_2003_server windows_xp	An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an act…	NVD-CWE-Other	CVE-2004-0116	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343462	7.5	HIGH	microsoft	netmeeting windows_2000 windows_2003_server windows_98 windows_me windows_xp	Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2004-0117	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343463	7.2	HIGH	microsoft	windows_2000 windows_nt	The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory a…	NVD-CWE-Other	CVE-2004-0118	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343464	5.0	MEDIUM	microsoft	windows_2000 windows_2003_server windows_xp	The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.	NVD-CWE-Other	CVE-2004-0120	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343465	7.5	HIGH	microsoft	netmeeting windows_2000 windows_2003_server windows_98 windows_me windows_nt windows_xp	Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003…	NVD-CWE-Other	CVE-2003-0719	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343466	7.5	HIGH	microsoft	windows_2000 windows_nt windows_xp	Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary cod…	NVD-CWE-Other	CVE-2003-0806	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343467	5.0	MEDIUM	microsoft	windows_2000 windows_2003_server windows_nt windows_xp	Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote att…	NVD-CWE-Other	CVE-2003-0807	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343468	10.0	HIGH	microsoft	proxy_server	Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 t…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2003-0819	2018-10-13 06:33	2004-02-17	Show	GitHub Exploit DB Packet Storm

343469	7.5	HIGH	microsoft	word works	Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute…	NVD-CWE-Other	CVE-2003-0820	2018-10-13 06:33	2003-12-15	Show	GitHub Exploit DB Packet Storm

343470	7.5	HIGH	microsoft	word works	Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.	NVD-CWE-Other	CVE-2003-0821	2018-10-13 06:33	2003-12-15	Show	GitHub Exploit DB Packet Storm

343471	10.0	HIGH	microsoft	data_access_components	Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2003-0903	2018-10-13 06:33	2004-02-17	Show	GitHub Exploit DB Packet Storm

343472	5.0	MEDIUM	microsoft	windows_media_services	Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new…	NVD-CWE-Other	CVE-2003-0905	2018-10-13 06:33	2004-04-15	Show	GitHub Exploit DB Packet Storm

343473	7.6	HIGH	microsoft	windows_2000 windows_nt windows_xp	Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers…	NVD-CWE-Other	CVE-2003-0906	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343474	7.2	HIGH	microsoft	windows_2000	The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message tha…	NVD-CWE-Other	CVE-2003-0908	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343475	7.2	HIGH	microsoft	windows_xp	Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windo…	NVD-CWE-Other	CVE-2003-0909	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343476	7.2	HIGH	microsoft	windows_2000 windows_nt	The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute ar…	NVD-CWE-Other	CVE-2003-0910	2018-10-13 06:33	2004-06-1	Show	GitHub Exploit DB Packet Storm

343477	6.8	MEDIUM	microsoft	content_management_server	Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.	NVD-CWE-Other	CVE-2003-0002	2018-10-13 06:32	2003-02-7	Show	GitHub Exploit DB Packet Storm

343478	7.2	HIGH	microsoft	windows_xp	Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.	NVD-CWE-Other	CVE-2003-0004	2018-10-13 06:32	2003-02-19	Show	GitHub Exploit DB Packet Storm

343479	5.0	MEDIUM	microsoft	outlook	Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how…	NVD-CWE-Other	CVE-2003-0007	2018-10-13 06:32	2003-02-7	Show	GitHub Exploit DB Packet Storm

343480	6.8	MEDIUM	microsoft	windows_me windows_xp	Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// U…	NVD-CWE-Other	CVE-2003-0009	2018-10-13 06:32	2003-03-7	Show	GitHub Exploit DB Packet Storm

343481	5.0	MEDIUM	microsoft	isa_server	Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocke…	NVD-CWE-Other	CVE-2003-0011	2018-10-13 06:32	2003-03-24	Show	GitHub Exploit DB Packet Storm

343482	5.0	MEDIUM	microsoft	isa_server proxy_server	The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service …	NVD-CWE-Other	CVE-2003-0110	2018-10-13 06:32	2003-05-5	Show	GitHub Exploit DB Packet Storm

343483	7.5	HIGH	microsoft	biztalk_server	Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.	NVD-CWE-Other	CVE-2003-0117	2018-10-13 06:32	2003-05-12	Show	GitHub Exploit DB Packet Storm

343484	7.5	HIGH	microsoft	biztalk_server	SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a requ…	NVD-CWE-Other	CVE-2003-0118	2018-10-13 06:32	2003-05-12	Show	GitHub Exploit DB Packet Storm

343485	7.2	HIGH	microsoft	data_engine sql_server	Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2003-0230	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343486	5.0	MEDIUM	microsoft	data_engine sql_server	Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.	NVD-CWE-Other	CVE-2003-0231	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343487	7.2	HIGH	microsoft	data_engine sql_server	Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.	NVD-CWE-Other	CVE-2003-0232	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343488	7.2	HIGH	microsoft	windows_xp	Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.	NVD-CWE-Other	CVE-2003-0306	2018-10-13 06:32	2003-06-9	Show	GitHub Exploit DB Packet Storm

343489	7.5	HIGH	microsoft	directx	Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyrig…	NVD-CWE-Other	CVE-2003-0346	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343490	10.0	HIGH	microsoft	office project visio visual_basic	Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID…	NVD-CWE-Other	CVE-2003-0347	2018-10-13 06:32	2003-10-20	Show	GitHub Exploit DB Packet Storm

343491	6.4	MEDIUM	microsoft	windows_media_player	A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.	NVD-CWE-Other	CVE-2003-0348	2018-10-13 06:32	2003-07-24	Show	GitHub Exploit DB Packet Storm

343492	7.5	HIGH	microsoft	windows_2000	Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, al…	NVD-CWE-Other	CVE-2003-0349	2018-10-13 06:32	2003-07-24	Show	GitHub Exploit DB Packet Storm

343493	7.5	HIGH	microsoft	data_access_components	Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to U…	NVD-CWE-Other	CVE-2003-0353	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343494	7.5	HIGH	microsoft	windows_2000 windows_2003_server windows_98 windows_98se windows_me windows_nt windows_xp	Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-pa…	NVD-CWE-Other	CVE-2003-0469	2018-10-13 06:32	2003-08-7	Show	GitHub Exploit DB Packet Storm

343495	5.0	MEDIUM	microsoft	windows_nt	The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a l…	NVD-CWE-Other	CVE-2003-0525	2018-10-13 06:32	2003-08-27	Show	GitHub Exploit DB Packet Storm

343496	6.8	MEDIUM	microsoft	isa_server	Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in th…	NVD-CWE-Other	CVE-2003-0526	2018-10-13 06:32	2003-08-18	Show	GitHub Exploit DB Packet Storm

343497	7.5	HIGH	microsoft	netmeeting windows_2000 windows_2003_server windows_98 windows_me windows_nt windows_xp	Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP…	NVD-CWE-Other	CVE-2003-0533	2018-10-13 06:32	2004-06-1	Show	GitHub Exploit DB Packet Storm

343498	5.0	MEDIUM	microsoft	windows_2000	Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.	NVD-CWE-Other	CVE-2003-0663	2018-10-13 06:32	2004-06-1	Show	GitHub Exploit DB Packet Storm

343499	7.5	HIGH	microsoft	word works	Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros…	NVD-CWE-Other	CVE-2003-0664	2018-10-13 06:32	2003-10-20	Show	GitHub Exploit DB Packet Storm

343500	7.5	HIGH	microsoft	access	Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.	NVD-CWE-Other	CVE-2003-0665	2018-10-13 06:32	2003-10-20	Show	GitHub Exploit DB Packet Storm